indexo.dev

kristofsaelen.com

.com crawl

First seen 2026-06-04 · Last seen 2026-06-04 · ok HTTP/1.1 200 406 ms crawled 2026-06-04

DE · 5.75.228.250 · AS24940 Hetzner Online GmbH

Reputation 77/100 multiple spf records no dmarc policy

Classifying

HTML metadata

Title
Kristof Saelen — independent designer & developer
Description
My portfolio, philosophy, services and more.
Canonical
https://www.kristofsaelen.com

Open Graph

title
Kristof Saelen — independent designer & developer
description
My portfolio, philosophy, services and more.

Technology

Server
nginx
jQuery
3.7.1

Third-party hosts loaded (2)

  • plausible.monokroom.dev×1
  • unpkg.com×1

Social

Contact

Email

Registration

Registrar
Key-Systems GmbH
Created
2007-01-13
Expires
2027-01-13 222 days left
Updated
2026-01-14
Name servers
  • helium.ns.hetzner.de
  • hydrogen.ns.hetzner.com
  • oxygen.ns.hetzner.com

DNS records live

NS
  • helium.ns.hetzner.de
  • hydrogen.ns.hetzner.com
  • oxygen.ns.hetzner.com
MX
Show 7 MX records
  • 10 aspmx.l.google.com
  • 20 alt1.aspmx.l.google.com
  • 20 alt2.aspmx.l.google.com
  • 30 aspmx2.googlemail.com
  • 30 aspmx3.googlemail.com
  • 30 aspmx4.googlemail.com
  • 30 aspmx5.googlemail.com

Email authentication weak

SPF
v=spf1 a:kristofsaelen.com/20 ~all
softfail (~all) · multiple SPF records
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-04-17 to 2026-07-16
Expires in 41 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.kristofsaelen.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline' https://code.jquery.com https://cdnjs.cloudflare.com https://www.googletagmanager.com https://www.google-analytics.com https://region1.google-analytics.com https://*.googletagmanager.com https://plausible.monokroom.dev https://unpkg.com;img-src 'self' data: https://www.googletagmanager.com https://www.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://*.g.doubleclick.net https://*.google.com https://*.google.<TLD>;connect-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://region1.google-analytics.com https://*.google-analytics.com https://*.analytics.google.com https://*.g.doubleclick.net https://*.google.com https://*.google.<TLD> https://plausible.monokroom.dev;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains, max-age=31536000
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin

Links to (1)